Background
- This is not a new problem
- login(1) has been trojaned in various ways for decades
- Cross-site scripting seems to be the web's new trojaned login(1)
- This is interesting because the same old issue is coming up in new security systems (SELinux). Administrators and policy writers need to be aware of this fact.
- Vulnerabilities in unprivileged applications still matter
- Policies should target unprivileged applications
- Why is it often the case that Mozilla Firefox and other network-facing client applications do not have strict policies? For example, why should Mozilla Firefox be allowed to overwrite my ~/.profile? Or read my GPG keys?
- People are still using su(1)
- People are still using sudo(1)
- Other applications and frameworks may have this problem
- GNOME's gksu and related utilities? PolicyKit?